This is the mail archive of the
ecos-bugs@sourceware.org
mailing list for the eCos project.
[Bug 1001743] New: pthread name not NULL terminated.
- From: bugzilla-daemon at bugs dot ecos dot sourceware dot org
- To: ecos-bugs at ecos dot sourceware dot org
- Date: Fri, 01 Feb 2013 10:11:23 +0000
- Subject: [Bug 1001743] New: pthread name not NULL terminated.
- Auto-submitted: auto-generated
Please do not reply to this email, use the link below.
http://bugs.ecos.sourceware.org/show_bug.cgi?id=1001743
Bug ID: 1001743
Summary: pthread name not NULL terminated.
Product: eCos
Version: CVS
Hardware: All
Architecture/Host All
OS:
Status: UNCONFIRMED
Severity: minor
Priority: low
Component: POSIX
Assignee: unassigned@bugs.ecos.sourceware.org
Reporter: ecos@astekk.se
CC: ecos-bugs@ecos.sourceware.org
Class: Advice Request
Classification: Unclassified
The nthread->name is not NULL terminated when generating the pthread name on a
stack that is not initialized to all zeroes.
In pthread.cxx:592 (
http://ecos.sourceware.org/cgi-bin/cvsweb.cgi/ecos/packages/compat/posix/current/src/pthread.cxx?rev=1.16&content-type=text/x-cvsweb-markup&cvsroot=ecos
):
#ifdef CYGVAR_KERNEL_THREADS_NAME
// generate a name for this thread
char *name = nthread->name;
static char *name_template = "pthread.00000000";
pthread_t id = nthread->id;
for( int i = 0; name_template[i]; i++ ) name[i] = name_template[i];
// dump the id, in hex into the name.
for( int i = 15; i >= 8; i-- )
{
name[i] = "0123456789ABCDEF"[id&0xF];
id >>= 4;
}
#endif
In the for-loop copying the template into name, the terminating NULL from
template is not copied over, which may leave name unterminated.
Example output from a dump:
Threads:
Idle Thread pri = 31 state = R id = 1
stack base = 00007258 ptr = 00000000 size = 00000800
sleep reason NONE wake reason NONE
queue = 00000000 wait info = 00000000
pthread.00000800 pri = 15 state = S id = 2
stack base = 00008a98 ptr = 00000000 size = 00001ef4
sleep reason WAIT wake reason NONE
queue = 00002b88 wait info = 00000000
ext_events pri = 10 state = S id = 3
stack base = 00004a30 ptr = 00000000 size = 00000960
sleep reason WAIT wake reason NONE
queue = 0000544c wait info = 00005310
<Not a string: 0xAD90 > pri = 15 state = R id = 4
stack base = 0000ae74 ptr = 00000000 size = 00001ef4
sleep reason NONE wake reason DONE
queue = 00000000 wait info = 00000000
And, sample output from custom routine listing all threads, without rigorous
thread name tests:
ID Prio State Stack usage Name
1 31 r 524/2048 Idle Thread
2 15 S 1728/7924 pthread.00000800
3 10 S 316/2400 ext_events
4 15 R 2324/7924 pthread.00000C010âhâ
The fix is easy enough, simply rewrite the for-loop into a do while-loop so the
terminating char is copied over as well.
--
You are receiving this mail because:
You are on the CC list for the bug.